The deployment model describes the platform deployment models for account management, tenancy, and the deployment of entities in a distributed cloud-agent-gateway environment.
Tenancy is a key construct for managing the platform, itself. The following figure represents the elements of tenancy:
The partner account partitions resources and capabilities among clients, which are typically business units. Partners and clients enter the notion of scope for users who are granted access rights rights within the partner or client scope.
The following figure show a further iteration on user access rights:
Users can be grouped into user groups. Users and user groups can be assigned roles, which have certain access rights to resources depending on role requirements. Access level is defined by the permission set defined for the resource, which can be a subset of:
The following example shows user groups assigned to either a Server Administrator or Network Administrator role with different resource access permissions, depending on the role:
Hybrid cloud and distributed architecture
A cloud environment involves the deployment of agents and gateways in the proximity of managed resources, or integrations with other domains for direct interaction with the cloud:
The figure shows servers communicating with an agent, which interfaces with a gateway to access the cloud. Network and other non-server resources communicate directly with the gateway to interface with the cloud. Synthetics and public cloud integrations also provide a cloud interface in addition to APIs.
Agents and gateways can be deployed independently or in tandem to enter the connectivity between managed resources and the cloud.
The agent is an executable application that runs on managed Windows and Linux devices, such as servers, desktop, and laptops. Agents can communicate with the cloud using a gateway and also directly or using a customer-owned proxy server.
Agent-based deployment is on:
Physical and private cloud servers
Public cloud instances
The following installation methods are provided, depending on operating system:
- Deployment using a provided utility
- Deployment using group policy
- Deployment using a customer-owned automation tool, such as Chef, Puppet, Ansible, or any other orchestration tool
- A feature that installs agents on Linux from the cloud
- Installation using a Linux deployment script
- Deployment through a customer-owned automation tool, such as Chef, Puppet, Ansible, or any other orchestration tool
A Gateway is a virtual machine that manages network devices, such as switches, routers, firewalls, load balancers, and appliances, storage devices, virtual environments, and applications, such as Weblogic and Websphere:
The following gateway deployment models are supported:
- OVA mode for VMWare environments
- ISO mode for hybrid IT models
- AMI for deployment in the AWS cloud
- VHD for deployment in the Azure cloud
- IMAGE for deployment in the Google Cloud Platform